本文介绍了DotNetOpenAuth OAuth2访问额外的数据的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用DotNetOpenAuth的OAuth2库来处理与另一个第三方系统的授权。一切正常,除了第三方系统在响应中返回带有AccessToken的UserId = testname。

I'm using DotNetOpenAuth's OAuth2 library to handle authorization with another third party system. It all works great, except that the third party system is returning the UserId="testname" in the Response with the AccessToken.

我需要该UserId,因为此第三方API要求将其作为API调用的一部分(例如:users / {userId} / account)。

I need that UserId because this third party API requires it as part of their API calls (ex: users/{userId}/account).

使用DotNetOpenAuth,我无权访问AccessToken响应,所以我

Using DotNetOpenAuth, I don't have access to the AccessToken response so I can't get the UserId out.

我正在打电话:(_client是WebServerClient)
var state = _client.ProcessUserAuthorization(request);

I'm calling: (_client is a WebServerClient)var state = _client.ProcessUserAuthorization(request);

状态有我的AccessToken,但没有向下发送的多余数据。根据DotNetOpenAuth源代码,用户ID进入库中,而我没有任何访问权限。

state has my AccessToken, but not the extra data sent down. Based on the DotNetOpenAuth source code the UserId came in inside the library and I don't have any access.

是否可以使用DotNetOpenAuth将用户ID删除?还是我需要放弃DotNetOpenAuth并尝试其他方法?

Is there anyway to get that UserId out using DotNetOpenAuth? Or do I need to abandon DotNetOpenAuth and try something else?

推荐答案

您可以通过实现<$ c $来访问请求和响应数据c> IDirectWebRequestHandler 并将其分配给 Channel 。但是在DNOA的当前实现中,让它起作用的唯一方法是将代理模式应用于现有的 UntrustedWebRequestHandler 类,这是因为此特定处理程序传递了一个 CachedDirectWebResponse ,它具有可以多次读取的响应流-一次由您的代码检索其他数据,然后由下游代码传送至 ProcessUserAuthorization()

You can access request and response data by implementing IDirectWebRequestHandler and assigning it to Channel. But with current implementation of DNOA, the only way I got it to work is by applying proxy pattern to an existing UntrustedWebRequestHandlerclass, this is because this particular handler passes a CachedDirectWebResponse, which has a response stream that could be read multiple times - once by your code to retrieve additional data, and later by downstream code to ProcessUserAuthorization().

这是自定义 IDirectWebRequestHandler 的代码:

public class RequestHandlerWithLastResponse : IDirectWebRequestHandler
    {
    private readonly UntrustedWebRequestHandler _webRequestHandler;
    public string LastResponseContent { get; private set; }

    public RequestHandlerWithLastResponse(UntrustedWebRequestHandler webRequestHandler)
        {
        if (webRequestHandler == null) throw new ArgumentNullException( "webRequestHandler" );
        _webRequestHandler = webRequestHandler;
        }

    public bool CanSupport( DirectWebRequestOptions options )
        {
        return _webRequestHandler.CanSupport( options );
        }

    public Stream GetRequestStream( HttpWebRequest request )
        {
        return _webRequestHandler.GetRequestStream( request, DirectWebRequestOptions.None );
        }

    public Stream GetRequestStream( HttpWebRequest request, DirectWebRequestOptions options )
        {
        return _webRequestHandler.GetRequestStream( request, options );
        }

    public IncomingWebResponse GetResponse( HttpWebRequest request )
        {
        var response = _webRequestHandler.GetResponse( request, DirectWebRequestOptions.None );

        //here we actually getting the response content
        this.LastResponseContent = GetResponseContent( response );

        return response;
        }

    public IncomingWebResponse GetResponse( HttpWebRequest request, DirectWebRequestOptions options )
        {
        return _webRequestHandler.GetResponse( request, options );
        }

    private string GetResponseContent(IncomingWebResponse response)
        {

        MemoryStream stream = new MemoryStream();
        response.ResponseStream.CopyTo(stream);

        stream.Position = 0;
        response.ResponseStream.Position = 0;

        using (var sr = new StreamReader(stream))
            {
            return sr.ReadToEnd();
            }
        }
    }

这就是我们的申请方式它并获取响应数据:

And this is how we apply it and get response data:

var h = new RequestHandlerWithLastResponse(new UntrustedWebRequestHandler()); ;
_client.Channel.WebRequestHandler = h;

var auth = _client.ProcessUserAuthorization( request );

//convert response json to POCO
var extraData = JsonConvert.DeserializeObject<MyExtraData>( h.LastResponseContent );

这篇关于DotNetOpenAuth OAuth2访问额外的数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-17 02:19